Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability

BID:52103

Info

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability

Bugtraq ID: 52103
Class: Boundary Condition Error
CVE: CVE-2012-0870
Remote: Yes
Local: No
Published: Feb 21 2012 12:00AM
Updated: Jun 25 2012 01:00PM
Credit: Andy Davis of NGS Secure
Vulnerable: Ubuntu Ubuntu Linux 8.04 LTS 0
SuSE SUSE Linux Enterprise Server for VMware 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP4
SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise SDK 11 SP2
SuSE SUSE Linux Enterprise SDK 10 SP4
SuSE SUSE Linux Enterprise Desktop 11 SP2
SuSE SUSE Linux Enterprise Desktop 10 SP4
+ Linux kernel 2.6.5
SuSE openSUSE 12.1
Samba Samba 3.3.16
Samba Samba 3.3.15
Samba Samba 3.3.14
Samba Samba 3.3.13
Samba Samba 3.3.12
Samba Samba 3.3.11
Samba Samba 3.3.10
Samba Samba 3.3.9
Samba Samba 3.3.8
Samba Samba 3.3.7
Samba Samba 3.3.6
Samba Samba 3.3.5
Samba Samba 3.3.4
Samba Samba 3.3.3
Samba Samba 3.3.1
Samba Samba 3.3
Samba Samba 3.2.15
Samba Samba 3.2.14
Samba Samba 3.2.13
Samba Samba 3.2.12
Samba Samba 3.2.11
Samba Samba 3.2.10
Samba Samba 3.2.7
Samba Samba 3.2.6
Samba Samba 3.2.5
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.2
Samba Samba 3.2.1
Samba Samba 3.2
Samba Samba 3.0.37
Samba Samba 3.0.36
Samba Samba 3.0.35
Samba Samba 3.0.34
Samba Samba 3.0.33
Samba Samba 3.0.32
Samba Samba 3.0.31
Samba Samba 3.0.30
Samba Samba 3.0.29
Samba Samba 3.0.28 a
Samba Samba 3.0.28 a
Samba Samba 3.0.28
Samba Samba 3.0.27
Samba Samba 3.0.26
Samba Samba 3.0.25 rc3
Samba Samba 3.0.25 rc2
Samba Samba 3.0.25 rc1
Samba Samba 3.0.25 pre2
Samba Samba 3.0.25 pre1
Samba Samba 3.0.25 c
Samba Samba 3.0.25 b
Samba Samba 3.0.25 a
Samba Samba 3.0.25
Samba Samba 3.0.24
Samba Samba 3.0.23
Samba Samba 3.0.22
+ Ubuntu Ubuntu Linux 6.06 LTS sparc
 + Ubuntu Ubuntu Linux 6.06 LTS powerpc
 + Ubuntu Ubuntu Linux 6.06 LTS i386
 + Ubuntu Ubuntu Linux 6.06 LTS amd64
 Samba Samba 3.0.21
Samba Samba 3.0.20
+ Slackware Linux 10.2
Samba Samba 3.0.19
Samba Samba 3.0.18
Samba Samba 3.0.17
Samba Samba 3.0.16
Samba Samba 3.0.15
Samba Samba 3.0.14
Samba Samba 3.0.13
Samba Samba 3.0.12
Samba Samba 3.0.11
Samba Samba 3.0.10
+ Slackware Linux 10.1
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.1
Samba Samba 3.0.9
Samba Samba 3.0.8
Samba Samba 3.0.7
+ Mandriva Linux Mandrake 10.1 x86_64
 + Mandriva Linux Mandrake 10.1 x86_64
 + Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.1
+ OpenPKG OpenPKG 2.2
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.2
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Trustix Secure Linux 2.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.5
+ Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 + Ubuntu Ubuntu Linux 4.1 ia32
 Samba Samba 3.0.6
Samba Samba 3.0.5
Samba Samba 3.0.4 -r1
Samba Samba 3.0.4
+ OpenPKG OpenPKG 2.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
+ Slackware Linux 10.0
Samba Samba 3.0.3
Samba Samba 3.0.2 a
Samba Samba 3.0.2 a
Samba Samba 3.0.2
Samba Samba 3.0.1
Samba Samba 3.0 alpha
Samba Samba 3.3.2
Samba Samba 3.2.9
Samba Samba 3.2.8
Samba Samba 3.1
Samba Samba 3.0.4 Rc1
Samba Samba 3.0.27a
Samba Samba 3.0.27 A
Samba Samba 3.0.26a
Samba Samba 3.0.26 A
Samba Samba 3.0.25 C
Samba Samba 3.0.25 B
Samba Samba 3.0.25 A
Samba Samba 3.0.23d
Samba Samba 3.0.23c
+ Slackware Linux 11.0
 Samba Samba 3.0.23b
Samba Samba 3.0.23a
Samba Samba 3.0.23 D
Samba Samba 3.0.23 C
Samba Samba 3.0.23 B
Samba Samba 3.0.23 A
Samba Samba 3.0.21c
Samba Samba 3.0.21b
Samba Samba 3.0.21a
Samba Samba 3.0.21 C
Samba Samba 3.0.21 B
Samba Samba 3.0.21 A
Samba Samba 3.0.20b
Samba Samba 3.0.20a
Samba Samba 3.0.20 B
Samba Samba 3.0.20 A
Samba Samba 3.0.14a
Samba Samba 3.0.14 A
Samba Samba 3.0.0
S.u.S.E. SUSE CORE 9 for x86
S.u.S.E. CORE 9
Research In Motion Blackberry PlayBook Tablet Software 1.0.8.6067
Research In Motion Blackberry PlayBook Tablet Software 1.0.8.4985
Research In Motion Blackberry PlayBook Tablet Software 1.0.7.3312
Research In Motion Blackberry PlayBook Tablet Software 1.0.7.2942
Research In Motion Blackberry PlayBook Tablet Software 1.0.6
Research In Motion Blackberry PlayBook Tablet Software 1.0.5.2342
Research In Motion Blackberry PlayBook Tablet Software 1.0.5.2304
RedHat Enterprise Linux WS 5
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 5
RedHat Enterprise Linux ES 4.9.z
RedHat Enterprise Linux ES 4.8.z
RedHat Enterprise Linux ES 4.7.z
RedHat Enterprise Linux ES 4.6.z
RedHat Enterprise Linux ES 4.5.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
RedHat Enterprise Linux 5.4
RedHat Enterprise Linux 5.3.z server
RedHat Enterprise Linux 5.2.z server
RedHat Enterprise Linux 5.1
RedHat Enterprise Linux 5.0
RedHat Enterprise Linux 5 Client
RedHat Desktop 4.0
Red Hat Enterprise Linux Long Life 5.6 server
Red Hat Enterprise Linux Long Life 5.3 Server
Red Hat Enterprise Linux EUS 5.6.z server
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5.7
Red Hat Enterprise Linux 5.6.z server
Red Hat Enterprise Linux 5.4.z server
Red Hat Enterprise Linux 5.3.LL
Red Hat Enterprise Linux 5 Server
Red Hat Desktop Workstation 5
Oracle Enterprise Linux 4
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
Avaya Voice Portal 5.1.2
Avaya Voice Portal 5.1.1
Avaya Voice Portal 5.1 SP1
Avaya Voice Portal 5.1
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya Proactive Contact 4.1.2
Avaya Proactive Contact 4.1.1
Avaya Proactive Contact 4.2.2
Avaya Proactive Contact 4.2.1
Avaya Proactive Contact 4.2
Avaya Proactive Contact 4.1
Avaya Proactive Contact 4.0.1
Avaya Proactive Contact 4.0
Avaya Messaging Storage Server 5.2.8
Avaya Messaging Storage Server 5.2.2
Avaya Messaging Storage Server 5.2 SP3
Avaya Messaging Storage Server 5.2 SP2
Avaya Messaging Storage Server 5.2 SP1
Avaya Messaging Storage Server 5.2
Avaya Message Networking 5.2.1
Avaya Message Networking 5.2.4
Avaya Message Networking 5.2.3
Avaya Message Networking 5.2.2
Avaya Message Networking 5.2 SP1
Avaya Message Networking 5.2
Avaya IP Office Application Server 8.0
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Avaya Aura System Manager 6.1 SP2
Avaya Aura System Manager 6.1 Sp1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Presence Services 6.1.1
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.0
Apple Mac OS X Server 10.6.6
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.5
Apple Mac OS X Server 10.6.4
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.2
Apple Mac OS X Server 10.6.1
Apple Mac Os X Server 10.6.8
Apple Mac Os X Server 10.6.7
Apple Mac OS X Server 10.6
Apple Mac OS X 10.6.5
Apple Mac OS X 10.6.4
Apple Mac OS X 10.6.3
Apple Mac OS X 10.6.2
Apple Mac OS X 10.6.1
Apple Mac OS X 10.6
Not Vulnerable: Research In Motion Blackberry PlayBook Tablet Software 2.0.0.7971

Discussion

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability

Samba is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the application. Failed exploit attempts will result in a denial-of-service condition.

Samba versions prior to 3.4.0 are affected.

Exploit / POC

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.


Samba Samba 3.0.20b

Samba Samba 3.0.23c

Samba Samba 3.0.21a

Samba Samba 3.0.27a

Samba Samba 3.2.9

MandrakeSoft Enterprise Server 5

Samba Samba 3.0.21b

Samba Samba 3.0.10

Samba Samba 3.0.14

Samba Samba 3.0.17

Samba Samba 3.0.18

Samba Samba 3.0.19

Samba Samba 3.0.20

Samba Samba 3.0.22

Samba Samba 3.0.23

Samba Samba 3.0.25 rc2

Samba Samba 3.0.25 pre2

Samba Samba 3.0.25 b

Samba Samba 3.0.26

Samba Samba 3.0.28 a

Samba Samba 3.0.29

Samba Samba 3.0.31

Samba Samba 3.0.32

Samba Samba 3.0.34

Samba Samba 3.0.4 -r1

Samba Samba 3.0.4

Samba Samba 3.0.5

Samba Samba 3.0.7

Samba Samba 3.2.1

Samba Samba 3.2.11

Samba Samba 3.2.13

Samba Samba 3.2.2

Samba Samba 3.2.5

Samba Samba 3.3.10

Samba Samba 3.3.14

Samba Samba 3.3.15

Samba Samba 3.3.6

Samba Samba 3.3.9

References

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report